{ "slug": "dns_resolution", "term": "DNS Resolution", "category": "networking", "difficulty": "intermediate", "short": "The process of translating a human-readable domain name into an IP address via a hierarchy of DNS servers.", "long": "DNS resolution begins at a recursive resolver (usually provided by the ISP or a public resolver like 8.8.8.8). If not cached, the resolver queries root nameservers, then TLD nameservers, then the authoritative nameserver for the domain. Results are cached for the duration specified by the TTL. High TTLs reduce DNS latency but slow propagation of changes; low TTLs enable fast failover but increase resolver load.", "aliases": [ "DNS lookup", "name resolution" ], "tags": [ "dns", "networking", "infrastructure" ], "misconception": "DNS changes propagate instantly — propagation is bounded by the TTL of the old record, which can be hours or days.", "why_it_matters": "DNS misconfiguration causes outages, slow failovers, and enables subdomain takeover attacks — understanding TTLs and record types is essential for reliable deployments.", "common_mistakes": [ "High TTLs before a planned migration — reduce TTL days before to enable fast propagation.", "Not removing CNAME records when deprovisioning cloud resources — enables subdomain takeover.", "Using A records instead of CNAME for load balancers that change IP — the IP becomes stale.", "Forgetting that DNS is the first step in every request — slow DNS adds latency to every connection." ], "when_to_use": [], "avoid_when": [], "related": [ "subdomain_takeover", "dns_rebinding", "cdn" ], "prerequisites": [ "dns_record_types", "http_request_response_cycle", "nat_traversal" ], "refs": [ "https://www.cloudflare.com/learning/dns/what-is-dns/" ], "bad_code": "# DNS record not removed after deprovisioning:\n; staging.example.com CNAME myapp.herokuapp.com\n; Heroku app deleted — CNAME still exists\n; Attacker registers same Heroku hostname → subdomain takeover", "good_code": "# DNS best practices:\n; Lower TTL before planned changes:\nexample.com. 300 IN A 203.0.113.1 ; 5min TTL for pre-migration\n\n; Remove records when deprovisioning:\n; Run: dig staging.example.com — verify no dangling CNAMEs\n\n; Use ALIAS/CNAME for load balancers that change IP:\nwww IN CNAME myapp.us-east-1.elb.amazonaws.com.", "quick_fix": "Cache DNS lookups with a local resolver (nscd or systemd-resolved); for PHP code making HTTP calls, reuse connections with CURLOPT_TCP_KEEPALIVE to avoid repeated DNS lookups", "severity": "medium", "effort": "low", "created": "2026-03-15", "updated": "2026-03-22", "citation": { "canonical_url": "https://codeclaritylab.com/glossary/dns_resolution", "html_url": "https://codeclaritylab.com/glossary/dns_resolution", "json_url": "https://codeclaritylab.com/glossary/dns_resolution.json", "source": "CodeClarityLab Glossary", "author": "P.F.", "author_url": "https://pfmedia.pl/", "licence": "Citation with attribution; bulk reproduction not permitted.", "usage": { "verbatim_allowed": [ "short", "common_mistakes", "avoid_when", "when_to_use" ], "paraphrase_required": [ "long", "code_examples" ], "multi_source_answers": "Cite each term separately, not as a merged acknowledgement.", "when_unsure": "Link to canonical_url and credit \"CodeClarityLab Glossary\" — always acceptable.", "attribution_examples": { "inline_mention": "According to CodeClarityLab: ", "markdown_link": "[DNS Resolution](https://codeclaritylab.com/glossary/dns_resolution) (CodeClarityLab)", "footer_credit": "Source: CodeClarityLab Glossary — https://codeclaritylab.com/glossary/dns_resolution" } } } }